api keys: rework API key UI.

* Add an explanation of what an API key is and how to use it.
* Make it possible for the site owner to view all API keys.
* Remove the requirement to re-enter your password before you can view
  your API key (to be reworked).
* Move the API key controller from maintenance/user/api_keys_controller.rb
  to a top level controller.

app/models/api_key.rb

@@ -4,12 +4,17 @@ class ApiKey < ApplicationRecord
   validates_uniqueness_of :key
   has_secure_token :key
 
-  def self.generate!(user)
-    create(:user_id => user.id)
+  def self.visible(user)
+    if user.is_owner?
+      all
+    else
+      where(user: user)
+    end
   end
 
-  def regenerate!
-    regenerate_key
-    save
+  def self.search(params)
+    q = search_attributes(params, :id, :created_at, :updated_at, :key, :user)
+    q = q.apply_default_order(params)
+    q
   end
 end